Week 4: Encryption
Ever stop to think about the data you have stored on your device? On your personal device, you might have email, texts, photos, financial information and so much more. On your work device, you most likely have email, documents and perhaps confidential data. How do you keep that data safe if your device is lost or stolen?
Encryption keeps the data on your device safe in case it’s ever lost or stolen. You should use encryption on devices such as laptops, phones, tablets, and other mobile devices on which you store data.
The University of Illinois has defined itself as a “hybrid entity” under Health Insurance Portability and Accountability Act (HIPAA). Meaning that there are parts of the university called HIPAA Covered Components (HCCs) that are subject to HIPAA regulations and parts that are not. As directed by the University’s HIPAA Directive, all portable devices in HCCs must be encrypted.
For information about which units are in the covered entity, visit hipaa.uillinois.edu/health-care-components
Encryption is often warranted in units outside of the covered entity as well. Faculty and staff that deal with sensitive information such as FERPA (Family Education Rights and Privacy Act) data, financial and research information, should encrypt their devices to safeguard this data in the event of loss.
ACCC offers two Device Encryption options to faculty and staff:
Microsoft BitLocker: Microsoft BitLocker Administration and Monitoring (MBAM) provides reporting and monitoring
capabilities for departments to ensure compliance of departmental assets. This option should be used for all
Windows devices connected to the university’s active directory.
Symantec PGP: PGP software provides easy-to-use and secure encryption to protect sensitive data on laptops or PCs
for Faculty and Staff, and also provides monitoring and reporting. This option is ideal for older windows devices that
do not have a Trusted Platform Module (TPM) chip, and for Mac OS systems.
Both solutions offered provide a high level of encryption security while allowing the university to demonstrate that a protected device was encrypted if lost or stolen. These solutions also allow for authenticated key recovery if required, while logging all such requests for accountability.
Microsoft BitLocker service page: accc.uic.edu/service/encryption/MBAM
- How to install MBAM
- How to Encrypt using MBAM
- Unlocking an Encrypted Computer using the MBAM Self Service Portal
- Common Issues
Symantec PGP service page: accc.uic.edu/service/encryption/pgp-encryption
- About PGP Desktop Encryption
- PGP, Public and Private Keys, and How PGP Encryption Works
- PGP Desktop Encryption Guides
Un-encrypted data is readable by anyone, so hide your cards — encryption is your poker face. Bad actors can’t steal what they can’t see.